When Target announced this week that it was selling its pharmacy business to CVS, it was good news for CVS, which will add more than 1,660 pharmacies across 47 states — plus 80 clinics — to its network of some 7,800 drugstores and almost 1,000 clinics. But lost amid all of the mega-drugstore talk are some extremely likely data security and privacy problems and HIPAA horrors.

What we have is a potential data security train wreck. Screaming in one track is Target’s collection of highly sensitive personal prescription and medical history, one of the largest in the world, while barreling in on the other track we have Target’s employees, who have little incentive to carefully follow data transfer protocols now that the data is about to be taken over by another company — and who likely suspect that they will not be Target employees much longer.